Sophos Firewall Follies: Patch Now or Face the Remote Code Execution Blues!
Sophos patched five vulnerabilities in its firewall, including a critical file-writing flaw, CVE-2025-6704. But don’t panic yet! This bug only impacts a small fraction of devices, requiring a specific SPX configuration and High Availability mode. So, unless your firewall’s got a thing for rare modes, you’re probably safe!
Hot Take:
Sophos has just released some hot-fixes hotter than a jalapeño in a sauna! With five new vulnerabilities patched, it seems Sophos Firewall had more holes than a Swiss cheese convention. But fear not, because Sophos has come to the rescue faster than you can say “remote code execution.” If you’re still running an older version, consider upgrading faster than a caffeine-fueled squirrel on a treadmill. Time to patch up, folks, because these vulnerabilities won’t fix themselves!
Key Points:
- Five vulnerabilities in Sophos Firewall have been patched, with a focus on preventing remote code execution (RCE).
- CVE-2025-6704 is a critical flaw with a CVSS score of 9.8, targeting the Secure PDF eXchange (SPX) feature.
- Another critical issue, CVE-2025-7624, is an SQL injection vulnerability in the legacy SMTP proxy.
- High-severity bug CVE-2025-7382 targets the WebAdmin component, potentially allowing command injection.
- Patches cover versions from 19.0 MR2 to 21.5 GA, with some bugs requiring specific configurations to be exploitable.